Thread: pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

From

Peter Eisentraut

Date:

21 November 2018, 01:02:12

Make detection of SSL_CTX_set_min_proto_version more portable

As already explained in configure.in, using the OpenSSL version number
to detect presence of functions doesn't work, because LibreSSL reports
incompatible version numbers.  Fortunately, the functions we need here
are actually macros, so we can just test for them directly.

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/ea8bc349bd1d92a882d636b535723b36366d9fbe

Modified Files
--------------
src/backend/libpq/be-secure-openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

Re: pgsql: Make detection of SSL_CTX_set_min_proto_version more portable

From

Thomas Munro

Date:

21 November 2018, 02:10:04

On Wed, Nov 21, 2018 at 11:02 AM Peter Eisentraut <peter_e@gmx.net> wrote:
>
> Make detection of SSL_CTX_set_min_proto_version more portable
>
> As already explained in configure.in, using the OpenSSL version number
> to detect presence of functions doesn't work, because LibreSSL reports
> incompatible version numbers. Fortunately, the functions we need here
> are actually macros, so we can just test for them directly.

curculio says:

libpq/be-secure-openssl.o: In function `be_tls_init':
/home/pgbf/buildroot/HEAD/pgsql.build/src/backend/libpq/be-secure-openssl.c:197:
undefined reference to `SSL_CTX_set_max_proto_version'
/home/pgbf/buildroot/HEAD/pgsql.build/src/backend/libpq/be-secure-openssl.c:193:
undefined reference to `SSL_CTX_set_min_proto_version'

--
Thomas Munro
http://www.enterprisedb.com